A Strong User Authentication Framework for Cloud Computing
Hyotaek Lim2011, 2011 IEEE Asia-Pacific Services Computing Conference
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Cloud computing is combination of various computing entities, globally separated, but electronically connected. As the geography of computation is moving towards corporate server rooms, it bring more issues including security, such as virtualization security, distributed computing, application security, identity management, access control and authentication. However, strong user authentication is the paramount requirement for cloud computing that restrict illegal access of cloud server. In this regard, this paper proposes a strong user authentication framework for cloud computing, where user legitimacy is strongly verified before enter into the cloud. The proposed framework provides identity management, mutual authentication, session key establishment between the users and the cloud server. A user can change his/her password, whenever demanded. Furthermore, security analysis realizes the feasibility of the proposed framework for cloud computing and achieves efficiency.
Related papers
A New Approach in Cloud Computing User Authentication
Handbook of Research on Threat Detection and Countermeasures in Network Security, 2015
Cloud computing provides the full scalability, reliability, high performance and relatively low cost feasible solution as compared to dedicated infrastructure. These features make cloud computing more attractive to users and intruders. It needs more and complex security measures to protect user privacy and data centers. The main concern in this chapter is security, privacy and trust. This chapter will give a discussion and a suggestion for using cloud computing to preserve security and privacy. The malicious hacker and other threats are considering the major cause of leaking security of the personal cloud due to centralized location and remote accesses to the cloud. According to attacks, a centralized location can be easier target rather than several goals and remote access is insecure technologies which offer a boundary of options for attackers to infiltrate enterprises. The biggest concern is attackers that will use the remote connection as a jumping point to get deeper into an organization.
A Novel Method for Mutual Authentication in Cloud Computing
2021
Cloud computing is the fastest emergent internet centered technology for sharing computer resources on an as-needed base. In the cloud, security is really important. We propose a mutual authentication mechanism for cloud users and the cloud. In a cloud context, the framework also manages session keys. The mutual authentication process in this approach is split into three phases: server initialization, registration and authentication. The framework's security has been thoroughly examined in order to confirm its effectiveness. The proposed system is also immune to a variety of cloud computing assaults.
An Enhanced Authentication Architecture for Cloud Computing System
International Journal of Engineering Sciences & Research Technology, 2014
Cloud computing is a powerful tool for computation ability. This provides various diverse services and platforms for develop and manage user data in a remote storage. In this context, cloud also provides the ability to share and transfer large amounts of data in an efficient manner. In this paper, we have proposed new security architecture for cloud computing system. This ensures secure authentication system and hiding information from others. In this a diverse light weight AES algorithm based cryptographic solution is proposed for optimizing security. This model also includes one time password system for user authentication process.
A Scalable and Efficient User Authentication Scheme for Cloud Computing Environments
Cloud computing is an emerging technology that is still unclear to many security problems and user authentication, access control, and ensuring the security of stored data in cloud servers are the most challenging issues in cloud-based environment. Accordingly, this paper offers an efficient and scalable user authentication scheme for cloud computing environment. It the suggested model, various tools and techniques have been introduced and used by using the concept of agent. Therefore, a client-based user authentication agent has been introduced to confirm identity of the user in client-side. Furthermore, a cloud-based software-as-a-service application has been used to confirm the process of authentication for unregistered devices. Moreover, there are two separate servers for storing authentication and cryptography resources from main servers to decrease the dependency of user authentication and encryption processes from main server. Cryptography agent was also introduced to encrypt resources before storing on cloud servers. In overall, the theoretical analysis of the suggested scheme shows that, designing this user authentication and access control model will enhance the reliability and rate of trust in cloud computing environments as an emerging and powerful technology in various industries.
An authentication mechanism based on Client-Server architecture for accessing Cloud Computing
2014
— Cloud Computing is going to be a big change of this decade; it has drastically altered everyone’s perception of infrastructure architecture, software delivery and development model, from a security perspective a number of unchartered risk and challenges have been introduced from this relocation to the Clouds, deteriorating much of the effectiveness of traditional protection mechanisms. An organization should establish a cross-functional team to align cloud computing security governance and architecture. The proposed model namely Client-Server-Cloud-Computing (CS2C) restricts the Man-In-The-Middle and will not vitiate the Central Cloud System from the organization level within
Engineering Authentication Process with Cloud Computing
International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2019
Cloud computing is a way to increase the capacity or add capabilities dynamically without any upfront investments. Despite the growth achieved from the cloud computing, security is still questionable which impacts the cloud model adoption. Aside of having network and application securities being adopted, there must be a security that authenticate the user when accessing the cloud services that is bound to the rules between the cloud computing provider and the client side. The existing system provides authentication based on keys Encryption algorithms either symmetric key-based or asymmetric are key-based. Both encryption approaches have a major problem related to encryption key management i.e. how to securely generate, store, access and exchange secrete keys. In this paper, an optimized infrastructure for secure authentication and authorization in Cloud Environment using SSO (Single Sign-On) is proposed. SSO is a process of authenticating once and gain access of multiple resources that aims at reducing number of login and password in heterogeneous environment and to gain balance in Security, Efficiency and Usability. Also an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks is also presented in this paper.
Comprehensive Analysis of Various Authentication Techniques to Enhance the Security of Cloud Environment
2018
Cloud computing is overpowering the means by which data storage, transmission and execution are altering. But while exploiting services of the cloud, there are enormous security concerns. Among this authentication of the cloud user is the greatest security roadblock for cloud computing. Authentication is an incredible part of data security that can be used to prevent unauthorized users to penetrate into the cloud environment. There are many types of authentication schemes available for cloud environment. Several research works have been done on these schemes to formulate new and enhanced authentication techniques that provide greater security for the data stored on the cloud. In this paper several such authentication techniques have been studied and evaluated. A comparative analysis has been done to figure out the contributions of these techniques towards cloud security and privacy. Besides this the shortcomings of these existing techniques have also been enlisted so that they can b...
Secure Enhanced User Authentication Protocol for Cloud Computing Environment
International Conference on Aerospace Sciences and Aviation Technology
Cloud computing provides innumerable benefits to its customers but failing to solve information security concerns. Cloud customers and providers need to guard against data loss and theft. Encryption of personal and enterprise data is strongly recommended. Strong encryption with key management is one of the core mechanisms that Cloud Computing systems should use to protect data, so key management is an important technology that can help secure applications and data in the cloud. In this paper, a formal analysis of a user authentication protocol for cloud computing is presented. Analysis show that the protocol is vulnerable to replay and Man-in-the middle attacks. To overcome these attacks, a modified authentication protocol for the cloud computing environment is proposed.
Authentication Issues and Techniques in Cloud Computing Security: A Review
International Conference on Sustainable Computing in Science, Technology & Management (SUSCOM-2019), 2019
Cloud Computing is a service which is rapidly increasing its growth in IT industry in recent years. The privacy and security is main challenging issue for the cloud users as well providers. The main security issues in Cloud computing are Virtualization Security, Access Control, Authentication, Application Security, Availability of Services etc. Most important issue raised in this era of cloud is Authentication, in which the identity of a user requesting for services are checked. Hence, this paper would like to discuss the methods of user Authentication and Challenges faced in this technique.
A New Framework of Authentication Over Cloud Computing
Cybernetics Approaches in Intelligent Systems, 2017
The growth of local data annually implies extra charges for the customers, which makes their business slowing down. Cloud computing paradigm comes with new technologies that offer a very economic and cost-effective solution, but the organizations are slow in accepting it due to security issues and challenges associated with it. Security is one of the major issues which hamper the growth of cloud and it is highly crucial to protect the sensitive data and systems in the cloud setting in order to ensure the privacy of its users. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view.
A Newer User Authentication, File encryption and Distributed Server Based Cloud Computing security architecture
2012
Abstract—The cloud computing platform gives people the opportunity for sharing resources, services and information among the people of the whole world. In private cloud system, information is shared among the persons who are in that cloud. For this, security or personal information hiding process hampers. In this paper we have proposed new security architecture for cloud computing platform. This ensures secure communication system and hiding information from others.
A Security Framework in Cloud Computing Infrastructure
Cloud computing is the practice of using a network on the Internet to store, manage and process data. The resources can be shared and stored on the Internet instead of computer’s hard drive. It is a convenient way to secure company’s information over the Internet by allowing firms to store and process data electronically thus leading firms to achieve economies of scale by lowering the infrastructure cost which in turn encourages firms to be cost-effective and eventually be more productive. Thus, it is very reliable and efficient way, which allows maximum utilization of recourses. However, by doing centralization, it may increase security-related issues, which can be dealt by using proper security techniques. Therefore despite numerous benefits such as easy to use and storage and management of large quantity of data over the Internet, there are threats as well that targets the security of clients data. The paper talks about the security concerns of cloud computing and put forwards the solutions that might help in reducing such risks. To have a secure cloud platform, cloud users and server must cooperate with each other. Moreover, an efficient cloud infrastructure must be proposed to reduce the security concerns of users. The three main components to secure cloud computing include confidentiality, integrity, and authentication of client’s data. Confidentially in cloud infrastructure enables the client’s data to remain secure and confidential from sensitive interference. To ensure data’s confidentiality, homomorphic encryption is necessary which enables computation on encrypted data. Although it is difficult to process and analyze encrypted data homomorphic encryption helps in processing encrypted data and thus secure the data’s confidentiality.
Comparative Analysis of Various Authentication Techniques in Cloud Computing
2013
Over the recent years, there is a great advancement in the field of Computer Science. Cloud Computing is the result of advancement in the existing technologies. It shares the characteristics with Autonomic Computing, Client- Server Model, Grid Computing, Mainframe Computer, Utility Computing, Peer-to-Peer and Cloud Gaming. Cloud Computing is beneficial not only for users but also for large and small organizations. Security issues are the major concern in Cloud Computing. In this paper, our focus is on the authentication techniques used for verifying the client identity to the Cloud Broker.
Enhancing Public Cloud Security by Developing a Model For User Authentication and Data Integrity Checking
7 th International Conference on Computer Science and Information Technology(SCCSIT’7), Khartoum, Sudan, 2020
Cloud computing is being adopted generally and it has shown a high impact on the development of businesses, it enables on-demand access to shared pool of configurable computing resources. With many benefits of cloud computing it is faced by many threats just like any other computer system, among the threats is security. Authentication plays a large role in maintaining the security of data which involves confidentiality, availability and integrity of data. Cloud users need to be assured that their outsourced files to the public cloud maintains its integrity. Several authentication attacks has surfaced in cloud computing and there is need to develop a scheme that are strong enough to prevent this attacks. In this paper we presented an enhanced a model for public cloud user authentication and files integrity checking. We presented a model that uses the two-factor authentication using the username and password and a certificate based authentication for user authentication. The hash value of files are gotten and encrypted before outsourcing to the cloud so as to detect integrity failure. Our proposed model increases user confidence in cloud application as we use symmetric and asymmetric encryption for uploading of files to ensure a secure connection between cloud users and cloud providers, The model also reduces the computation power on user devices. CCS CONCEPTS •Security •Integrity •Authentication.
Design and Implementation of a Mechanism to Secure the Access in Cloud Computing
International Journal of Computing and Network Technology, 2017
The main goal of this research is to design and implement a secure mechanism to access a cloud service system by using authentication service, virtual private network, and short message service to achieve security. The authentication mechanism would reject unauthorized access attempts by unauthorized users, while the authorized users will be allowed to access the services by receiving an SMS code on his/her mobile that can be used to log on the service. The system was designed, implemented, and tested successfully.
Implementation of User Authentication as a Service for Cloud Network
There are so many security risks for the users of cloud computing, but still the organizations are switching towards the cloud. The cloud provides data protection and a huge amount of memory usage remotely or virtually. The organization has not adopted the cloud computing completely due to some security issues. The research in cloud computing has more focus on privacy and security in the new categorization attack surface. User authentication is the additional overhead for the companies besides the management of availability of cloud services. This paper is based on the proposed model to provide central authentication technique so that secured access of resources can be provided to users instead of adopting some unordered user authentication techniques. The model is also implemented as a prototype.
TRENDING SECURITY MECHANISM IN CLOUD COMPUTING
IAEME PUBLICATION, 2018
Cloud computing is a concept of modern and smart computing world. People buy high configuration computer system for their use but a little amount of the total capacity is used by them. So, computing power and money both becomes waste. The solution of this problem is cloud computing. In cloud computing environment the client’s whole data is on cloud server which is offered by cloud service provider (CSP). Cloud service provider offers facility of processing power, storage space, software etc. The whole data of user is on cloud server and accessed by user through login credentials. Cloud computing reduces the on-demand hardware and processing power requirement of these days. While the need of cloud computing increases the security challenges also increases. This paper first describes the need of cloud computing and some security challenges and some proposed security solutions to it.
A robust authentication scheme for data security and storage mechanism in cloud computing
Journal of emerging technologies and innovative research, 2018
Cloud computing, often referred to as simply “the cloud”, is the delivery of on-demand computing resources everything from applications to data centers-over the internet on a pay-for-use basis. The cloud storage contributors are in charge for monitoring the data which is available and accessible on the cloud. It is a dreadfully challenging part to maintain the security of data stored in third party cloud database. The stored data in cloud is so important that the user ensures that no data is corrupted or lost. Much research work has been done on data security using RSA with a traditional approach and logic. The entitled research work emphasize on a robust scheme to provide integrity, privacy, and confidentiality to data stored on the cloud .The scheme emphasize on security and authentication using efficient RSA with key encryption MD5 along with the efficient mechanism for data being stored in the data centers . RSA algorithm uses efficient two public key pairs rather than sending t...
Assessment of Strong user Authentication Schemes in Cloud Computing
tudies indicate that digital identity fraud is still on the rise, with an increase in sophistication (that is, "phishing," "man-in-the-middle," DNS poisoning, malware, social engineering, and so on) and an expansion of attack vectors (that is, unregulated financial systems, healthcare data, synthetic identities, and so on). With the upward trend of moving data and services into the Web and cloud-based platforms, the management and control of access to confidential and sensitive data is becoming more than verifying simple user credentials at the onset of user sessions for one application. One of the mostly used methods today is the gaining of account access by stealing reusable credentials for Web sites that have not yet implemented "strong" user authentication. This is so, because most common forms of credentials today are knowledge-based (that is, user ID and password) and are requested only once during sign-on, which provides a higher level of conveni...
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.